Re: [Cooker] Kmail Problem?? Possible Dup
Use shorewall or something similar to adjust the firewall. Tom On Mon, 2003-08-11 at 21:45, Todd Lyons wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [EMAIL PROTECTED] wanted us to know: This brings up an interesting question. My ISP blocks all outgoing port 25 connections as well as incoming. Is there anyway to use a local SMTP server in this situation, or won't it be blocked when it forwards the mail on? My work just implimented the same block, so it would be nice to know if there is a way around it. I'm assuming that you meant block all outgoing port 25 unless it is to the ISP mail server. Just configure Postfix to use the ISP mail server as a smart host. Then postfix will never try to deliver directly to who it's addressed, instead it will relay through your ISP. Regards...Todd - -- Are there any plans to allow different levels of protection in the firewall? Right now the iptables rules are too strict to function properly on a windows network without manually adjusting the rules. --Cooker ML Oct 2002 Linux kernel 2.4.21-0.25mdk 7 users, load average: 0.00, 0.02, 0.00 -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.2 (GNU/Linux) Comment: http://www.mrball.net/todd.asc iD8DBQE/OHD8IBT1264ScBURArWAAJ4vCYfqzEj2snsG0xGYq1j7qEfG9wCfWEoH 2Y5Nxuhs82urUV/8i47hlnQ= =8S+w -END PGP SIGNATURE- -- Best Regards Thomas Spuhler All e-mail sent from this site has been scanned for viruses. This E-mail has a digital signature attached for proof of its origin. signature.asc Description: This is a digitally signed message part
Re: [Cooker] Kmail Problem?? Possible Dup
On Monday 11 August 2003 10:24 am, Guillaume Rousse wrote: Ainsi parlait Ken Thompson : How are they getting my personal IP when I'm connecting through a firewall? Cause they are in the mail enveloppe headers. Does Kmail send this info somehow and if so, how can it be turned off? It can't, it wouldn't be RFC compliant otherwise. This seem to go against what I thought was one of the reasons for having a firewall in the first place. I don't understand why email needs to send the specific machine IP address. If you really care, install a SMTP server and perform headers rewriting. Can't, ISP limitations. -- Ken Thompson WA7SYR Payette, Idaho Email: [EMAIL PROTECTED] Linux- Coming Soon To A Desktop Near You Registered Linux User #183936
Re: [Cooker] Kmail Problem?? Possible Dup
Ainsi parlait Ken Thompson : On Monday 11 August 2003 10:24 am, Guillaume Rousse wrote: Ainsi parlait Ken Thompson : How are they getting my personal IP when I'm connecting through a firewall? Cause they are in the mail enveloppe headers. Does Kmail send this info somehow and if so, how can it be turned off? It can't, it wouldn't be RFC compliant otherwise. This seem to go against what I thought was one of the reasons for having a firewall in the first place. I don't understand why email needs to send the specific machine IP address. You're confusing. A firewall works essentially at transport level (IP), whereas you're dealing here with application level (SMTP) problems. When you want to masquerade your IP adresses on the web, the easiest way is to use an HTTP proxy, not a firewall. The same goes for mail, the easiest way is to use a SMTP gateway. If you really care, install a SMTP server and perform headers rewriting. Can't, ISP limitations. Your ISP can block external connections on port 25, but can't prevent you from listening your own network. -- Guillaume Rousse In any human endeavor, once you've exhausted all possibilities and fail, there will be one solution, simple and obvious, highly visible to everyone else -- SNAFU Equations (JB's Scholastic Laws) n°5 This brings up an interesting question. My ISP blocks all outgoing port 25 connections as well as incoming. Is there anyway to use a local SMTP server in this situation, or won't it be blocked when it forwards the mail on? My work just implimented the same block, so it would be nice to know if there is a way around it. Just wondering... Thanks Scott
Re: [Cooker] Kmail Problem?? Possible Dup
Ainsi parlait Ken Thompson : How are they getting my personal IP when I'm connecting through a firewall? Cause they are in the mail enveloppe headers. Does Kmail send this info somehow and if so, how can it be turned off? It can't, it wouldn't be RFC compliant otherwise. If you really care, install a SMTP server and perform headers rewriting. -- Guillaume Rousse No matter how early you arrive, you'll always get there too late. The best buy of the day always take place in front of you. -- Ferguson's Observation's Concerning Flea Markets
Re: [Cooker] Kmail Problem?? Possible Dup
On Mon Aug 11 11:31 -0600, Ken Thompson wrote: If you really care, install a SMTP server and perform headers rewriting. Can't, ISP limitations. If you just set the SMTP server to accept connections from localhost, there is no way the ISP can know... -- Levi Ramsey [EMAIL PROTECTED] [EMAIL PROTECTED] Take due notice and govern yourselves accordingly. Currently playing: Rush - Fly By Night - Best I Can Linux 2.4.21-3mdk 14:37:00 up 6 days, 23:55, 11 users, load average: 0.37, 0.35, 0.19
Re: [Cooker] Kmail Problem?? Possible Dup
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [EMAIL PROTECTED] wanted us to know: This brings up an interesting question. My ISP blocks all outgoing port 25 connections as well as incoming. Is there anyway to use a local SMTP server in this situation, or won't it be blocked when it forwards the mail on? My work just implimented the same block, so it would be nice to know if there is a way around it. I'm assuming that you meant block all outgoing port 25 unless it is to the ISP mail server. Just configure Postfix to use the ISP mail server as a smart host. Then postfix will never try to deliver directly to who it's addressed, instead it will relay through your ISP. Regards... Todd - -- Are there any plans to allow different levels of protection in the firewall? Right now the iptables rules are too strict to function properly on a windows network without manually adjusting the rules. --Cooker ML Oct 2002 Linux kernel 2.4.21-0.25mdk 7 users, load average: 0.00, 0.02, 0.00 -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.2 (GNU/Linux) Comment: http://www.mrball.net/todd.asc iD8DBQE/OHD8IBT1264ScBURArWAAJ4vCYfqzEj2snsG0xGYq1j7qEfG9wCfWEoH 2Y5Nxuhs82urUV/8i47hlnQ= =8S+w -END PGP SIGNATURE-
Re: [Cooker] Kmail Problem?? Possible Dup
Guillaume Rousse wrote: Does Kmail send this info somehow and if so, how can it be turned off? It can't, it wouldn't be RFC compliant otherwise. If you really care, install a SMTP server and perform headers rewriting. It's not entirely true. I had this problem when using local dns. Either use iptables to MASQ LAN with external IP or use only ISP dns in /etc/resolv.conf will solve the problem. At least that's what I did. -Larry
[Cooker] Kmail Problem?? Possible Dup
How are they getting my personal IP when I'm connecting through a firewall? Does Kmail send this info somehow and if so, how can it be turned off? = Received: from scanmail3.cableone.net [24.116.0.123] by scanmail3.cableone.net (SMTPD32-7.04) id AAE93E67011C; Fri, 08 Aug 2003 07:59:53 -0700 Received: from 192.168.0.xxx (24-117-75-72.cpe.cableone.net [24.117.75.xx]) by mail.cableone.net with SMTP (MailShield v2.04 - WIN32 Jul 17 2001 17:12:42); Fri, 08 Aug 2003 07:59:52 -0600 = Mandrake 9.2 beta1 Sorry if this shows up twice, sent it out a couple of days ago and it hasn't shown up on the list yet. -- Ken Thompson WA7SYR Payette, Idaho Email: [EMAIL PROTECTED] Linux- Coming Soon To A Desktop Near You Registered Linux User #183936
Re: [Cooker] Kmail Problem?? Possible Dup
On Mon Aug 11 9:18 -0600, Ken Thompson wrote: Does Kmail send this info somehow and if so, how can it be turned off? Yes. KMail is sending this information. Basically, it's the HELO part of an SMTP transaction, which is basically required by an SMTP transaction. It shouldn't be turned off; that would be a Bad Thing. KMail should probably be using something besides the IP (there are mailservers that will reject non-resolvable or non-FQDN hostnames). The output of hostname is probably a better option (though that would require working DNS). -- Levi Ramsey [EMAIL PROTECTED] [EMAIL PROTECTED] Take due notice and govern yourselves accordingly. Currently playing: Billy Joel - Glass Houses - I Don't Want to Be Alon Linux 2.4.21-3mdk 14:38:00 up 6 days, 23:56, 11 users, load average: 0.21, 0.30, 0.18
Re: [Cooker] Kmail Problem?? Possible Dup
Ainsi parlait Ken Thompson : On Monday 11 August 2003 10:24 am, Guillaume Rousse wrote: Ainsi parlait Ken Thompson : How are they getting my personal IP when I'm connecting through a firewall? Cause they are in the mail enveloppe headers. Does Kmail send this info somehow and if so, how can it be turned off? It can't, it wouldn't be RFC compliant otherwise. This seem to go against what I thought was one of the reasons for having a firewall in the first place. I don't understand why email needs to send the specific machine IP address. You're confusing. A firewall works essentially at transport level (IP), whereas you're dealing here with application level (SMTP) problems. When you want to masquerade your IP adresses on the web, the easiest way is to use an HTTP proxy, not a firewall. The same goes for mail, the easiest way is to use a SMTP gateway. If you really care, install a SMTP server and perform headers rewriting. Can't, ISP limitations. Your ISP can block external connections on port 25, but can't prevent you from listening your own network. -- Guillaume Rousse In any human endeavor, once you've exhausted all possibilities and fail, there will be one solution, simple and obvious, highly visible to everyone else -- SNAFU Equations (JB's Scholastic Laws) n°5
